4

I want to run a SMTP server on a Docker container in Elastic Beanstalk, so in my Dockerfile I have exposed the port 25 (and no other ports)

EXPOSE 25

I also edited the beanstalk load balancer (using EC2 web admin) and added port 25 to it:

| LB Protocol | LB Port | Instance Protocol | Instance Port | SSL |
|    TCP      |   25    |        TCP        |        25     | N/A |
....

And edited the security group of the instance to allow inbound TCP traffic to port 25 (allowed all locations to be able to connect to the instance directly).

Doesn't seem to work though. If I use the same Dockerfile in Virtualbox (using option -p 25:25) I can connect to the port 25 through the host machine and the SMTP server is listening. If I run the container in Elastic Beanstalk using the before-mentioned configuration I can't connect to the port 25 neither using the load balancer or directly the EC2 instance.

Any ideas what I'm doing wrong here?

Andris
  • 27,649
  • 4
  • 34
  • 38

1 Answers1

2

Instead of editing the Load Balancer configuration directly from EC2 web admin it is recommended you do it using elasticbeanstalk ebextensions because those changes persist for your environment even if your EC2 instances in the auto-scaling group are replaced.

Can you try the following? Create a file "01-elb.config" in a folder called .ebextensions in your app source with the following contents:

option_settings:
    - namespace: aws:cloudformation:template:parameter
      option_name: InstancePort
      value: 25

Resources:
    AWSEBLoadBalancer:
        Type: AWS::ElasticLoadBalancing::LoadBalancer
        Properties:
            Listeners:
                - InstancePort: 25
                  LoadBalancerPort: 80
                  Protocol: TCP
                - InstancePort: 25
                  LoadBalancerPort: 25
                  Protocol: TCP
            AvailabilityZones:
                - us-west-2a
                  us-west-2b
                  us-west-2c
            HealthCheck:
                Timeout: 5
                Target: TCP:25
                Interval: 30
                HealthyThreshold: 3
                UnhealthyThreshold: 5

This file is in YAML format and hence indentation is important. The option setting ('aws:cloudformation:template:parameter', 'InstancePort') sets the instance port to 25 and also modifies the security group to make sure that port 25 is accessible by the load balancer.

This file is overriding the default Load Balancer Resource created by Elastic Beanstalk with two listeners both having instance port set to 25. Hope that helps.

Read more about customizing your environment with ebextensions here. Can you try creating a new environment with the above file in .ebextensions/01-elb.config file in the appsource directory? Let me know if you run into any issues.

Rohit Banga
  • 18,458
  • 31
  • 113
  • 191
  • 1
    Even though the configuration got me further and the app is now running (I changed instance port to 2555 though as it seems that 25 is already occupied by sendmail), ports seem to be handled invalidly. If I log in to the instance, I can see that my docker container is running but it is accessible from a seemingly random port (0.0.0.0:12472->2555/tcp) and I can connect to this 12472 even from outside (if I modify security group) but not to 2555. – Andris Jul 28 '14 at 08:05
  • 1
    Restarting the app or uploading a new version changes the instance port from 12472 to something else – Andris Jul 28 '14 at 08:07
  • 1
    It seems that Nginx in front of Docker is aware of this port but for some reason treats it as HTTP which it is not. – Andris Jul 28 '14 at 08:20
  • 1
    The issue seems to be with nginx as reverse proxy in front of Docker that is only able to proxy HTTP :S https://forums.aws.amazon.com/message.jspa?messageID=558590#559061 – Andris Jul 28 '14 at 08:29